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DETAILED ACTION 



1. 



This Office Action is responsive to the communication filed on 01/10/2008. 



2. 



Claims 1-42 are presented for examination. 



Claim Rejections - 35 USC § 101 



3. 



35 U.S.C. 101 reads as follows: 



Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 



4. Claims 12-19 are rejected under 35 U.S.C. 101 because the claimed invention is directed 
to non-statutory subject matter. Applicant's specification (page 46) teaches that a signal may be 
used to as a medium. In this embodiment the program is still unable to act as a computer 
component and have its functionality realized. 



5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 



Claim Rejections - 35 USC § 103 
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3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

7. Claims rejected under 35 U.S.C. 103(a) as being unpatentable over Raciborski et al. 
(USPN 20050132083) in view over Heath et al. (USPN 6006034) 

8. As per claims 1, 12, and 42, Raciborski et al teaches a method comprising: 
receiving, at a server, a request from a client to take an action with respect to an 

electronic document ([ABSTRACT], [0028]); 

retrieving a document identifier from the request ([0023] e.g., which documents to be 
downloaded, selection of subset from pre-dcfincd group, status information,, and usage 
information); 

determining whether user authentication is needed based on the document identifier and the 
action ([0020] ,[0036] e.g., user identification for content group as to permit content download 
for the selected content objects); 

sending information specifying an acceptable authentication procedure ([0033], [FIG 4D] 
e.g., download manager program]); 

obtaining, at the server and in response to the request, a software program comprising 
instructions operable to cause one or more data processing apparatus to perform operations 
effecting an authentication procedure ([0033], [0041], [FIG 4D -404-428] e.g., password 
authentication),; 

sending the authentication program to the client for use in identifying a current user and 
controlling the action with respect to the electronic document based on the current user and 
document-permissions information associated with the electronic document ([0041], [0043] e.g., 
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user identifying, i.e., passwords, and controlling action, i.e., unauthorized downloading, with 
respect to the content objects upon receiving the download manager) 

However, Raciborski et al. does not teach a client requesting an authentication procedure 
update request (unless it is interpreted that download manager is compiled/updated after the 
content objects are requested from a user. It is implied that subsequent content objects requests 
are made via a user, in effect requiring a new compilation of the download manager software, 
i.e., authentication procedure). Heath teaches an automatic application upgrade initiated via a 
client request ([COL 1 lines 55-65], [COL 2 lines 1-15, lines 46-50]) 

Therefore, at the time the invention was made, one of ordinary skill in the art would have 
motivation to initiate an update request via a client to ensure local client programs are current. It 
is foreseeable that modifications to resident server programs are likely to occur, in effect 
requiring a corresponding update to a client's software. By enabling a client to request an update 
request, the system ensures that both remote and local programs are current. 
9. As per claims 3, 14, and 36 Raciborski et al, as modified, teaches a method comprising: 

receiving at a server a request from a client to take an action with respect to 
an electronic document (ABSTRACT], [0028]);; 

obtaining at the server and in response to the request a software program comprising 
instructions operable to cause one or more data processing apparatus to perform operations 
effecting an authentication procedure ([FIG 4D], [0033] - download manager); 

sending the authentication program to the client for use in identifying a current user and 
controlling the action with respect to the electronic document based on the current user and 
document-permissions information associated with the electronic document ([0033], [FIG 4D], 



Application/Control Number: 10/699,165 Page 5 

Art Unit: 2121 

[0041]); 

receiving an updated authentication procedure (e.g., supra Heath claim 1 for discussion); 

receiving a subsequent request from the client to take the action with respect to the electronic 
document ([COL 2 lines 1-15, lines 46-50] e.g., Heath teaches periodic requests for an update); 

obtaining, in response to the subsequent request, a new software program comprising 
instructions operable to cause one or more data processing apparatus to perform operations 
effecting the updated authentication procedure (e.g. Heath ,as applied to the download manager, 
teaches a client update request is receptive to an updated application program, where the 
download manager, supra Rociborski et al. provides a download manager); and 

sending the new software program to the client for use in identifying the current user and 
controlling the action with respect to the electronic document based on the current user and the 
document-permissions information associated with the electronic document ( [FIG 4D], [0041], 
0043]) 

10. As per claims 4, 15, and 37 Rociborski et al. teaches the method of claim 1, wherein the 
software program uses an existing interface provided by the client to communicate authentication 
information to the server ([FIG 2A-208]). 

11. As per claims 6, 17, and 39 Rociborski et al. teaches the method of claim 5, wherein the 
input obtained by the client comprises text input ([0041], [0043] e.g., password). 

12. As per claims 7,18, and 40 a Rociborski et al. teaches the method of claim 5, wherein the 
input obtained by the client comprises biometric data ([0043] e.g., biometric authentication) 

13. As per claim 23, Rociborski et al. teaches a system comprising: 
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a client that sends a request to a server when an action is to be taken with respect to an 
electronic document local to the client ([0031] vs [0037] e.g., content downloaded local to user 
machine. 'Local to the client', not defined, is interpreted as a file designated for download to a 
particular machine opposed to multiple machines, i.e., remote to client ) ; 

the server that receives the request, and in response to the client, the server obtains and sends 
a software program comprising instructions operable to cause one or more data processing 
apparatus to perform operations effecting an authentication procedure ([0033] e.g., download 
manager); and 

wherein the client uses the authentication program to identify a current user and control the 
action with respect to the electronic document based on the current user and document- 
permissions information associated with the electronic document ([0041], [0043], [FIG 4D]) 

14. As per claim 25 Rociborski et al. teaches the system of claim 23, wherein the client 
includes a security handler that provides a server-communication interface to the software 
program ([0020] e.g., transaction session identifier) 

15. Claims 2,13,24, and 35 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Raciborski et al. (USPN 20050132083) in view over Heath et al. (USPN 6006034) and in further 
view over Kano et al. (USPN 20030135650) 

16. As per claims 2,13, 24, and 35, Raciborski et al. teaches a server comprising an 
application program ([0033]); however, the reference does not teach requesting and receiving the 
program from a second server. Kano et al. teaches a backup server ([ABSTRACT]) 
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Therefore, at the time the invention was made, it would have been obvious to have provided 
a backup server as taught by Kano et al. to provide fault tolerant system. In the event of a 
primary server failure, it would be advantageous to enable the software to be downloaded from a 
backup server as to enable continuous access to content. 

17. Claims 8, 19, 27, 38, and 41 are rejected over Raciborski et al. (USPN 20050132083) in 
view of Heath et al. (USPN 6006034) and in further view of Hu (USPN 5586260). 

18. As per claim 8, 19, 27, 38, and 41, Raciborski et al. teaches receiving input from a client 
using the software ([0041], [0043]) e.g., password). It does not teach receiving an authentication 
receipt from a third party authentication server based on input obtained by the client using the 
software. Hu teaches returning an access key from an authentication gateway acting as a proxy 
server to the client, i.e., receipt, based on credentials ([ABSTRACT], [COL 1 lines 58-63] e.g., 
receiving an authentication receipt from a third party authentication server) and verifying the 
current user with the third party authentication server using the authentication receipt ([COL 1 
lines 18-20], lines 59-63], [ABSTRACT] e.g., authenticating a client) 

Therefore, at the time the invention was made, it would have been obvious to have provided a 
means in which to authenticate a client via saving security credentials,. Raciborski et al. teaches 
authenticating a user via credentials as to enable access to content on a server. Hu et al. teaches 
saving security credentials for later use and generating an access key for their retrieval and 
passing the access key to the client. In effect, saving the security credentials for later use and 
providing an access key for their retrieval obviates the need for repeated authentication. As a 
result, the system is further optimized and limits redundant authentication procedures. 
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19. As per claims 5,16,26, and 38, Raciborski et al teaches receiving credentials information 
from the client derived at least in part based on input obtained by the client using the software 
program ([0041], [0043] e.g., passwords). However, the reference does not teach 
communicating with a third party authentication server to authenticate the current user based on 
the credentials information. Hu teaches a third party authentication server ([ABSTRACT]) 

Therefore, at the time the invention was made, one of ordinary skill in the art would have 
motivation to implement a third party authentication server as taught by Hu et al. Hu teaches a 
method for authenticating a client for a server. Raciborski teaches a system for authenticating a 
user/client to enable access to content stored on a server. Since a third party authentication 
server provides a well known means in which to maintain, store, and retrieve credentials, it 
would have been advantageous to provide this server as an additional means, in effect providing 
both redundancy in addition to reducing load on the primary server. 

20. As per claim 28, Raciborski et al., as modified, teaches a server comprising: 
a server core with configuration and logging components ([0029]) 

an internal services component that provides functionality across dynamically loaded 
methods ([0029] e.g., web page) 

dynamically loaded external services providers, including an authentication service 
provide ( supra Hu for authentication server - ABSTRACT) 

2 1 . Claim 29 is rejected Raciborski et al. (USPN 20050 1 32083) in view of Tenerelllo (USPN 
7233981) 

22. As per claim 29, Raciborski et al. teaches a business logic tier comprising a cluster of 
document control servers ([0029] e.g. content delivery networks); an application tier including 
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the client comprising a viewer client, a securing client, and an administration client ([FIG 1-FIG 
2A - client computer functions via providing a view - browser, securing - downloading the 
manager (securing a program), and administration (storage media)). However, Racoborski et 1 
does not teach a load balancer that routes client requests to the document control server. 
Tenerello teaches a system and method for load balancing ([COL 1 lines 14-20], [COL 2 lines 
63-67]) 

Therefore, at the time the invention was made, one of ordinary skill would have motivation 
to load balance a system. Raciborski et al. teaches that various user computers may access 
content objects ([0029]) Tenerello teaches a load balancing means in which multiple requests 
may be efficiently processed. Since load balancing increases performance of a system, it would 
have been obvious to have enabled a system employing multiple user computers, each requesting 
access to a resource, a means to load balance the requests as to optimize the system. 

Response to Amendment 

23. The amendment, filed 12/20/2007, has been entered. 

Response to Arguments 

24. Applicant's arguments with respect to claims 1-42 have been considered but are moot in 
view of the new ground(s) of rejection. 

Conclusion 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to DARRIN DUNN whose telephone number is (571)270-1645. 
The examiner can normally be reached on EST:M-R(8:00-5:00) 9/5/4. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Albert DeCady can be reached on (571) 272-3819. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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/Albert DeCady/ 

Supervisory Patent Examiner, Art Unit 2121 



